Many antivirus companies fail to block the latest Java exploit

According to an analysis conducted by the AV-Comparatives test lab on behalf of The H‘s associates at heise Security, less than half of the 22 anti-virus programs tested protect users against the currently circulating Java exploit that targets a highly critical vulnerability in Javaversion 7 Update 6.

Two versions of the exploit were tested: the basic version that was largely based on the published proof of concept and started the notepad instead of the calculator, and, for the second variant, heise Security added a download routine that writes an EXE file to disk from the internet. The test system was Windows XP that, except in the case of Avast, Microsoft and Panda, had the full versions of the security suites installed. For Avast, Microsoft and Panda, the researchers used the free versions of the products.